yahoo-eng-team team mailing list archive

[Guillaume Espanel <1989199@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

At the moment, there is no limit on how many requests the metadata-agent
will handle. Some users may sometimes run scripts in their instances that
try to query the metadata endpoint at high rate (for example a bugged k8s
cloud controller manager), causing an increased load on some or all the
component above the metadata-agent.

We'd like to add some rate-limiting around the metadata-agent level to give
some protection to the other components. We were thinking to implement
that through a change to the metadata's haproxy's configuration using
stick-tables. In that case, the rate-limited queries would get a 429
without even being passed to the metadata-agent itself.

** Affects: neutron
     Importance: Undecided
         Status: New


** Tags: rfe

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1989199

Title:
  [rfe] rate-limit metadata API

Status in neutron:
  New

Bug description:
  At the moment, there is no limit on how many requests the metadata-agent
  will handle. Some users may sometimes run scripts in their instances that
  try to query the metadata endpoint at high rate (for example a bugged k8s
  cloud controller manager), causing an increased load on some or all the
  component above the metadata-agent.

  We'd like to add some rate-limiting around the metadata-agent level to give
  some protection to the other components. We were thinking to implement
  that through a change to the metadata's haproxy's configuration using
  stick-tables. In that case, the rate-limited queries would get a 429
  without even being passed to the metadata-agent itself.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1989199/+subscriptions